Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/jYI-EBmf2y2fmSr0GiV2vM_MUu8.roa
File: jYI-EBmf2y2fmSr0GiV2vM_MUu8.roa (raw, json)
Hash identifier: ThJoMZuwr5rB4/z2JOvrV0jvHXuDwsENqIKo9LQSXVQ=
Subject key identifier: 8D:82:3E:10:19:9F:DB:2D:9F:99:2A:F4:1A:25:76:BC:CF:CC:52:EF
Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial: 0AC8
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/jYI-EBmf2y2fmSr0GiV2vM_MUu8.roa
Signing time: Wed 04 Nov 2020 07:58:34 +0000
ROA not before: Wed 04 Nov 2020 07:58:34 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18424
IP address blocks: 2404:8cc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2760 (0xac8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Validity
Not Before: Nov 4 07:58:34 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=8D823E10199FDB2D9F992AF41A2576BCCFCC52EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:52:f5:dd:89:dd:23:7d:d9:c2:a6:b6:53:e3:
14:2e:e1:6b:fa:63:81:29:a0:fd:00:01:83:8a:10:
e6:1f:a9:cc:f1:27:28:63:9a:d2:a4:94:98:ca:f0:
04:5b:d0:f0:bf:7b:8c:5d:c1:be:96:5d:ed:01:de:
9f:1a:69:7b:0c:4f:1b:2c:af:41:98:41:18:de:35:
70:c6:32:08:da:6c:24:0c:5f:f9:e7:28:5c:21:fe:
bc:d3:2a:39:14:c2:94:d7:ee:f4:c8:a6:22:96:69:
c4:bc:87:d2:a1:53:d2:2c:7a:af:10:29:03:5e:13:
0a:9b:5e:40:fd:d9:b1:0a:e4:71:73:3c:91:83:8a:
c5:d3:4d:b0:39:23:8d:bc:42:bd:fa:14:6c:6c:04:
93:42:8c:2f:7a:05:2e:9d:92:ca:60:52:b0:bf:e0:
c8:80:12:d0:34:59:69:b4:0c:e1:1c:bb:78:eb:54:
bc:2d:8a:6d:4d:f2:46:e6:c1:6d:62:62:03:0e:ea:
ec:7e:ee:4d:91:ab:73:d3:8a:66:74:b5:a7:07:b3:
fd:41:a6:15:40:a9:3c:3e:14:a1:29:a7:fb:49:70:
f6:ab:e8:44:22:95:64:87:5c:85:a8:69:d2:fc:01:
98:52:42:fb:d8:cf:69:09:d6:79:b5:86:73:1b:fa:
12:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:82:3E:10:19:9F:DB:2D:9F:99:2A:F4:1A:25:76:BC:CF:CC:52:EF
X509v3 Authority Key Identifier:
keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/jYI-EBmf2y2fmSr0GiV2vM_MUu8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:8cc0::/32
Signature Algorithm: sha256WithRSAEncryption
a1:9f:29:4e:81:a4:1e:60:5e:2b:dc:c8:4c:88:5e:d1:4e:14:
30:da:45:6c:75:bf:7b:9e:c4:dc:21:31:07:d3:55:69:3d:c2:
bb:ba:7b:7b:67:25:fc:54:3e:35:95:4e:8b:69:68:0a:9e:ad:
ce:74:dc:50:06:35:8e:ff:8e:7f:b4:9d:be:00:c9:1a:ce:99:
e9:97:15:dd:18:8c:57:e7:52:f5:65:bb:bb:9e:48:e9:9a:ad:
cd:4f:1e:b5:3f:fa:80:0f:37:4c:ae:c8:69:a2:0b:9a:80:1a:
04:68:4a:d2:92:f6:53:db:f2:78:09:d8:b1:d0:1c:4f:d9:86:
56:33:55:73:b7:df:a3:7c:5c:bf:f6:7b:b4:67:4e:e4:5e:56:
0f:69:4d:a0:89:43:c0:72:1f:a5:e6:08:ae:e8:30:8e:3d:f7:
52:a9:0e:13:d6:f2:ce:35:7f:e3:78:97:06:55:1a:2c:09:d7:
19:f7:ff:29:69:07:dd:07:02:22:69:b3:2c:18:b5:cb:fb:0a:
65:bb:5b:9a:24:ac:4b:58:04:82:2c:7c:86:1f:5c:21:e3:fc:
f3:41:34:be:2c:66:89:8b:0f:0c:d0:3e:78:5f:de:de:67:72:
f7:63:24:05:65:63:30:aa:13:e2:a8:37:3e:8c:d5:79:81:dd:
c4:c4:e8:37
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICCsgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yMDExMDQw
NzU4MzRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDhEODIzRTEwMTk5RkRC
MkQ5Rjk5MkFGNDFBMjU3NkJDQ0ZDQzUyRUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjUvXdid0jfdnCprZT4xQu4Wv6Y4EpoP0AAYOKEOYfqczxJyhj
mtKklJjK8ARb0PC/e4xdwb6WXe0B3p8aaXsMTxssr0GYQRjeNXDGMgjabCQMX/nn
KFwh/rzTKjkUwpTX7vTIpiKWacS8h9KhU9Iseq8QKQNeEwqbXkD92bEK5HFzPJGD
isXTTbA5I428Qr36FGxsBJNCjC96BS6dkspgUrC/4MiAEtA0WWm0DOEcu3jrVLwt
im1N8kbmwW1iYgMO6ux+7k2Rq3PTimZ0tacHs/1BphVAqTw+FKEpp/tJcPar6EQi
lWSHXIWoadL8AZhSQvvYz2kJ1nm1hnMb+hIFAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUjYI+EBmf2y2fmSr0GiV2vM/MUu8wHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL2pZSS1FQm1mMnkyZm1TcjBHaVYydk1f
TVV1OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBIzAMA0G
CSqGSIb3DQEBCwUAA4IBAQChnylOgaQeYF4r3MhMiF7RThQw2kVsdb97nsTcITEH
01VpPcK7unt7ZyX8VD41lU6LaWgKnq3OdNxQBjWO/45/tJ2+AMkazpnplxXdGIxX
51L1Zbu7nkjpmq3NTx61P/qADzdMrshpoguagBoEaErSkvZT2/J4Cdix0BxP2YZW
M1Vzt9+jfFy/9nu0Z07kXlYPaU2giUPAch+l5giu6DCOPfdSqQ4T1vLONX/jeJcG
VRosCdcZ9/8paQfdBwIiabMsGLXL+wplu1uaJKxLWASCLHyGH1wh4/zzQTS+LGaJ
iw8M0D54X97eZ3L3YyQFZWMwqhPiqDc+jNV5gd3ExOg3
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:00 2023 by rpki-client on console-fra.rpki-client.org